diff --git a/includes/common.inc b/includes/common.inc
index d59e864a94f..7ca504bc17f 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -1969,8 +1969,15 @@ function drupal_mail($mailkey, $to, $subject, $body, $from = NULL, $headers = ar
     'Content-Transfer-Encoding' => '8Bit',
     'X-Mailer' => 'Drupal'
   );
-  if (isset($from)) {
-    $defaults['From'] = $defaults['Reply-To'] = $defaults['Return-Path'] = $defaults['Errors-To'] = $from;
+  // To prevent e-mail from looking like spam, the addresses in the Sender and
+  // Return-Path headers should have a domain authorized to use the originating
+  // SMTP server.  Errors-To is redundant, but shouldn't hurt.
+  $default_from = variable_get('site_mail', ini_get('sendmail_from'));
+  if ($default_from) {
+    $defaults['From'] = $defaults['Reply-To'] = $defaults['Sender'] = $defaults['Return-Path'] = $defaults['Errors-To'] = $default_from;
+  }
+  if ($from) {
+    $defaults['From'] = $defaults['Reply-To'] = $from
   }
   $headers = array_merge($defaults, $headers);
 
diff --git a/modules/system/system.module b/modules/system/system.module
index f9cc1b33629..55282f3a8ab 100644
--- a/modules/system/system.module
+++ b/modules/system/system.module
@@ -574,7 +574,8 @@ function system_site_information_settings() {
     '#type' => 'textfield',
     '#title' => t('E-mail address'),
     '#default_value' => variable_get('site_mail', ini_get('sendmail_from')),
-    '#description' => t('A valid e-mail address for this website, used by the auto-mailer during registration, new password requests, notifications, etc.')
+    '#description' => t('A valid e-mail address to be used as the "From" address by the auto-mailer during registration, new password requests, notifications, etc.  To lessen the likelihood of e-mail being marked as spam, this e-mail address should use the same domain as the website.'),
+    '#required' => TRUE,
   );
   $form['site_slogan'] = array(
     '#type' => 'textfield',